The prior art reveals providing access to application services, such e-mail and Instant Messaging (IM), from a mobile device such as a mobile telephone. In order to provide access to such applications, the prior art mobile device is equipped with a client which communicates with a server typically via a plurality of communications networks. For example, a mobile core network provides the wireless interconnection between the mobile device, one or more fixed ground stations, or nodes, and the mobile backbone network which interconnects the nodes and an external network, such as the internet, an X.25 network or the like, which interconnects the mobile backbone network of the mobile core network with the servers of the service provider.
The operator of the core mobile network, typically referred to as a mobile carrier, offers these application services as a “mobile access service” and charges the user of the mobile device for use of such mobile access services. For charging purposes, the mobile carrier requires identification of the user of the mobile access service(s) which is used to identify the mobile user/device but is unrelated to the mobile access service(s) being used.
One example of such an identifier is the Mobile Directory Number (MDN) which for example in a GSM network is the user's unique 16 digit Mobile Station ISDN Number (MSISDN). The MSISDN identifier is available from the mobile GSM device whenever the device is communicating with nodes within the mobile core network (e.g. the Home Location Register, HLR), as it is available at a number of protocol layers. However, when a client resident on the mobile device is communicating with an application located on a server which is outside of the core mobile network, the MSISDN identifier may be unavailable to the client. This can occur, for instance, when the client comprises a downloadable JAVA midlet or the like, and where for security reasons the JAVA machine in the mobile device does not disclose the MSISDN identifier to the JAVA applications that it runs.
The prior art reveals a number of methods for providing identification of the mobile device/user. For example, the prior art reveals the client requesting such identification from an intermediate node in the mobile core network and then inserting this identification by the client into the headers of subsequent transmissions. One drawback of this prior art solution is that the client could insert incorrect (and in the worst case fraudulent) identifiers into the headers as there is no way to adequately verify that the source of the identifier is the intermediate node. Additionally, this prior art implementation provides virtually no control over the clients. For example, there is no way to reset identifiers stored on the client side or to force the clients to validate the identifiers.
The prior art also reveals providing a recognizable transaction (packet) format which is then intercepted by an intermediate node and the requisite identifier inserted into the packet. For example, when HTTP is being used for communicating between client and server, intermediate nodes (such as WAP gateways) can add the identifier, or any other information that is not available to the client for that matter, to the HTTP transaction by adding headers to the HTTP request or response.
One drawback of this prior art approach is that it cannot be used when a secure end-to-end tunnelling protocol, such as HTTPS, is being used as an intermediate node cannot alter the contents of an HTTPS transaction. Such a secure protocol is needed, for example, when confidential information such as user credentials (User ID and/or password) is to be transmitted and at least a portion of the communication path used to transmit the information is via an unsecured network such as the Internet.
Another drawback of the above prior art approach is that the intermediate node cannot distinguish between the different types of transactions which are being routed through the node and as a result the identifier must be inserted in all transactions which increases latency and the requisite bandwidth.